Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    23-05-2024 01:45

General

  • Target

    abf32fbc5bd23158cd997ecd6963ff5258985e7fd8064887cc3d9bcb6e28cc83.exe

  • Size

    79KB

  • MD5

    10e4d59815441fd9feaaa1aa21c9f0b3

  • SHA1

    3f29b047e0fe51b7693bd6dc26e7cffac6173782

  • SHA256

    abf32fbc5bd23158cd997ecd6963ff5258985e7fd8064887cc3d9bcb6e28cc83

  • SHA512

    8d1710e29974886810a8a23cad34a5461e45c0fa9608c5a135abd9cb47f0c0af1acbc4f491c58a7beeed32249d799184456bced2bde585a32dd3ddad046bb884

  • SSDEEP

    1536:zvWVp8E5yc1l8OUhOQA8AkqUhMb2nuy5wgIP0CSJ+5yfB8GMGlZ5G:zvAiLOhGdqU7uy5w9WMyfN5G

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE (1 IoCs)
  • Loads dropped DLL (2 IoCs)
  • Suspicious use of WriteProcessMemory (8 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\abf32fbc5bd23158cd997ecd6963ff5258985e7fd8064887cc3d9bcb6e28cc83.exe
    "C:\Users\Admin\AppData\Local\Temp\abf32fbc5bd23158cd997ecd6963ff5258985e7fd8064887cc3d9bcb6e28cc83.exe"
    • Suspicious use of WriteProcessMemory
    PID:3020

Network

MITRE ATT&CK Matrix

Downloads

  • \Users\Admin\AppData\Local\Temp\[email protected]

    Filesize

    79KB

    MD5

    1b3f829d417fc51ee8b90fbfbda1f454

    SHA1

    645de02e21dbcfe4a1194fb9d0d34b01ab2ba9c2

    SHA256

    58254d3e8c5a6062db7ff11b30cba9d0e893e3484d125fcdaa313cf89357db77

    SHA512

    cc8478ea1bd12f46bad7b91cef97e02c9ade337455c11fd385636458388463b93c65f59687127d083627363a398a8a17fdb02fd5df78c00a69872ac212f6ae13

  • memory/2160-7-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

  • memory/3020-8-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB